Test ID:	1.3.6.1.4.1.25623.1.0.815819
Category:	Mac OS X Local Security Checks
Title:	Apple Mac OS X Security Updates (HT210722)-01
Summary:	Apple Mac OS X is prone to multiple vulnerabilities.
Description:	Summary: Apple Mac OS X is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - A validation issue related to improper input sanitization. - A memory corruption issue was addressed with improved memory handling. - An out-of-bounds read error related to improper input validation. - An issue existed in the parsing of URLs. - A validation issue related to handling of symlinks. - An inconsistent user interface issue related to improper state management. - Multiple memory corruption issues related to improper memory handling. - A dynamic library loading issue existed in iTunes setup. - A validation issue existed in the entitlement verification. Please see the references for more information on the vulnerabilities. Vulnerability Impact: Successful exploitation allow attackers to read restricted memory, execute arbitrary code with system privileges, conduct data exfiltration, bypass authentication, disclosure of user information and conduct spoofing attack. Affected Software/OS: Apple Mac OS X version 10.15 Solution: Upgrade to Apple Mac OS X 10.15.1 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-8817 https://support.apple.com/HT210722 Common Vulnerability Exposure (CVE) ID: CVE-2019-8788 https://support.apple.com/HT210721 Common Vulnerability Exposure (CVE) ID: CVE-2019-8789 Common Vulnerability Exposure (CVE) ID: CVE-2019-8858 https://support.apple.com/en-us/HT210722 Common Vulnerability Exposure (CVE) ID: CVE-2019-8807 Common Vulnerability Exposure (CVE) ID: CVE-2019-8754 Common Vulnerability Exposure (CVE) ID: CVE-2017-7152 http://seclists.org/fulldisclosure/2019/Oct/49 http://seclists.org/fulldisclosure/2019/Oct/56 http://seclists.org/fulldisclosure/2019/Oct/54 Common Vulnerability Exposure (CVE) ID: CVE-2019-8805 Common Vulnerability Exposure (CVE) ID: CVE-2019-8803 https://support.apple.com/HT210723 https://support.apple.com/HT210724 Common Vulnerability Exposure (CVE) ID: CVE-2019-8801 https://support.apple.com/HT210726 Common Vulnerability Exposure (CVE) ID: CVE-2019-8794 Common Vulnerability Exposure (CVE) ID: CVE-2019-8829 https://support.apple.com/en-us/HT210721 https://support.apple.com/en-us/HT210723 https://support.apple.com/en-us/HT210724 Common Vulnerability Exposure (CVE) ID: CVE-2019-15126 Cisco Security Advisory: 20200227 Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05 Common Vulnerability Exposure (CVE) ID: CVE-2019-8784 https://support.apple.com/HT210727 https://support.apple.com/HT210728 Common Vulnerability Exposure (CVE) ID: CVE-2019-8796 https://support.apple.com/en-us/HT211134
Copyright	Copyright (C) 2019 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.